diff --git a/node_modules/npm-audit-report/lib/reporters/detail.js b/node_modules/npm-audit-report/lib/reporters/detail.js index 9be6e2ae77e1e..50451f057972d 100644 --- a/node_modules/npm-audit-report/lib/reporters/detail.js +++ b/node_modules/npm-audit-report/lib/reporters/detail.js @@ -15,11 +15,9 @@ const fullReport = (data, { color, summary }) => { const printed = new Set() for (const [name, vuln] of Object.entries(data.vulnerabilities)) { - if (printed.has(vuln)) - continue - - printed.add(vuln) - output.push(printVuln(vuln, c, data.vulnerabilities, printed)) + // only print starting from the top-level advisories + if (vuln.via.filter(v => typeof v !== 'string').length !== 0) + output.push(printVuln(vuln, c, data.vulnerabilities)) } output.push(summary) @@ -27,7 +25,11 @@ const fullReport = (data, { color, summary }) => { return output.join('\n') } -const printVuln = (vuln, c, vulnerabilities, printed, indent = '') => { +const printVuln = (vuln, c, vulnerabilities, printed = new Set(), indent = '') => { + if (printed.has(vuln)) + return null + + printed.add(vuln) const output = [] output.push(c.white(vuln.name) + ' ' + vuln.range) @@ -69,11 +71,9 @@ const printVuln = (vuln, c, vulnerabilities, printed, indent = '') => { for (const effect of vuln.effects) { const vuln = vulnerabilities[effect] - // still print it again if it has its own advisory as well - if (vuln.via.filter(v => typeof v !== 'string').length === 0) - printed.add(vuln) const e = printVuln(vuln, c, vulnerabilities, printed, ' ') - output.push(...e.split('\n')) + if (e) + output.push(...e.split('\n')) } if (indent === '') { diff --git a/node_modules/npm-audit-report/package.json b/node_modules/npm-audit-report/package.json index d1b8dff5f8b45..66b4a6aa74b2c 100644 --- a/node_modules/npm-audit-report/package.json +++ b/node_modules/npm-audit-report/package.json @@ -1,6 +1,6 @@ { "name": "npm-audit-report", - "version": "2.1.3", + "version": "2.1.4", "description": "Given a response from the npm security api, render it into a variety of security reports", "main": "lib/index.js", "scripts": { diff --git a/package-lock.json b/package-lock.json index feb80b3b3e403..bd026299eb91c 100644 --- a/package-lock.json +++ b/package-lock.json @@ -133,7 +133,7 @@ "mkdirp-infer-owner": "^2.0.0", "ms": "^2.1.2", "nopt": "^5.0.0", - "npm-audit-report": "^2.1.3", + "npm-audit-report": "^2.1.4", "npm-package-arg": "^8.0.1", "npm-pick-manifest": "^6.1.0", "npm-profile": "^5.0.1", @@ -4458,9 +4458,9 @@ } }, "node_modules/npm-audit-report": { - "version": "2.1.3", - "resolved": "https://registry.npmjs.org/npm-audit-report/-/npm-audit-report-2.1.3.tgz", - "integrity": "sha512-X1WrROU3xvHhxVJY5yIcpDHevnOE/IGg68igib/DPdO8CIPVPr0aeG4Hsn3mQxNvSUGJ02sy53G1uLuCUaN0MQ==", + "version": "2.1.4", + "resolved": "https://registry.npmjs.org/npm-audit-report/-/npm-audit-report-2.1.4.tgz", + "integrity": "sha512-Tz7rnfskSdZ0msTzt2mENC/B+H2QI8u0jN0ck7o3zDsQYIQrek/l3MjEc+CARer+64LsVTU6ZIqNuh0X55QPhw==", "inBundle": true, "dependencies": { "chalk": "^4.0.0" @@ -12577,9 +12577,9 @@ "dev": true }, "npm-audit-report": { - "version": "2.1.3", - "resolved": "https://registry.npmjs.org/npm-audit-report/-/npm-audit-report-2.1.3.tgz", - "integrity": "sha512-X1WrROU3xvHhxVJY5yIcpDHevnOE/IGg68igib/DPdO8CIPVPr0aeG4Hsn3mQxNvSUGJ02sy53G1uLuCUaN0MQ==", + "version": "2.1.4", + "resolved": "https://registry.npmjs.org/npm-audit-report/-/npm-audit-report-2.1.4.tgz", + "integrity": "sha512-Tz7rnfskSdZ0msTzt2mENC/B+H2QI8u0jN0ck7o3zDsQYIQrek/l3MjEc+CARer+64LsVTU6ZIqNuh0X55QPhw==", "requires": { "chalk": "^4.0.0" } diff --git a/package.json b/package.json index 4c8f8e7b9138b..90dd0621df978 100644 --- a/package.json +++ b/package.json @@ -84,7 +84,7 @@ "mkdirp-infer-owner": "^2.0.0", "ms": "^2.1.2", "nopt": "^5.0.0", - "npm-audit-report": "^2.1.3", + "npm-audit-report": "^2.1.4", "npm-package-arg": "^8.0.1", "npm-pick-manifest": "^6.1.0", "npm-profile": "^5.0.1",